Vendor of Careers@Gov jobs portal hit by malware

Users of the Careers@Gov online portal were informed of a malware breach of the portal's vendor by e-mail on June 10, 2018.
Users of the Careers@Gov online portal were informed of a malware breach of the portal's vendor by e-mail on June 10, 2018.PHOTO: SCREENGRAB FROM CAREERS.GOV.SG

Threat eradicated but user data may have been compromised; investigations ongoing

Applicants for public service jobs in Singapore could have had their information compromised, as a malware infection was found to have hit an outsourced Australian-based vendor here.

Users of the Careers@Gov online portal, which lists job positions and takes in applications for public sector vacancies, were informed of a malware breach of the portal's vendor by e-mail on Sunday night.

"At this stage, the vendor has not seen further sign of suspicious activity. The malware has been contained and the threat eradicated," said the e-mail from Careers@Gov.

The portal is run by Australian human resources software provider PageUp, which counts universities, banks and the Tasmanian government among its clients.

It provides recruitment and career software for companies to create a website portal that lets them publish job openings, receive applicants' resumes and shortlist applicants.

A spokesman for the Public Service Division, which oversees the portal, said it is investigating and getting more information from PageUp.

Careers@Gov has about 297,000 accounts held by public officers and members of the public who have accessed the portal to apply for a job with the public service.

It is not known how many local accounts may have been com-promised.

PageUp had detected the malware infection much earlier, with its chief executive and co-founder Karen Cariss posting a statement on the company's website saying that the company detected unusual activity on its IT infrastructure three weeks ago. "We have some indicators that client data may have been compromised," she said.

Such data could include names and contact details of users, along with usernames and encrypted passwords.

Ms Cariss said the company is conducting a forensic investigation and is working with law enforcement and the government authorities on the matter.

A check by The Straits Times yesterday morning showed the Careers@Gov website was still running on the PageUp system, even as other clients, such as Australian bank Commonwealth Bank and telco Telstra, pulled their recruitment websites offline last week.

Mr Nick FitzGerald, a senior research fellow at cyber security firm ESET, said that although PageUp uses a strong encryption technique to protect user passwords, users should still change their passwords.

The damage done by the malware could go beyond infrastructural costs, said Mr Stuart Fisher, senior vice-president for Asia Pacific at cyber security firm Deep Instinct.

"It can also affect the public's trust and use in digital government services," he said.


Correction note: An earlier version of this story misspelled the name of cyber security firm ESET. We are sorry for the error. 

A version of this article appeared in the print edition of The Straits Times on June 12, 2018, with the headline 'Vendor of Careers@Gov jobs portal hit by malware'. Print Edition | Subscribe